Adobe ColdFusion CVE-2018-15961 Arbitrary File Upload Vulnerability
Adobe ColdFusion is prone to an arbitrary file-upload vulnerability.
An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.
The following versions are vulnerable:
ColdFusion (2016 release) Update 6 and prior
ColdFusion 11 Update 14 and prior